1. Field of the Invention
The present invention relates to an apparatus for the secure transfer of one or more data files from a source to a recipient. The present invention also relates to a method of transferring data securely and a computer-readable medium.
2. Description of the Related Art
Systems for transferring data files from an organisation to a recipient outside the organisation are well known. Traditionally, this may involve sending hard copy in the post or when time critical, sending the data by courier.
Electronic mail is also well established for the transmission of machine-readable data but many organisations now include information governance systems which may place limits on the extent to which email may be used.
The use of email is difficult to control in that it is difficult to place safeguards on the extent to which data may be distributed throughout the Internet. It is also difficult to manage workflow in that in order for data to be transmitted outside the organisation, it may be necessary to seek managerial approval. However, in order for the workflow to be achieved in a reasonable time and to avoid placing unnecessary burden upon senior management, approval may be given by senior management but the task of actually sending the data may be delegated. Existing email systems do not lend themselves to the management of workflow in these situations.
A further problem with the use of existing email is that email attachments are held on many servers in a non-secure way. Thus, even when data is encrypted or compressed, it is likely that some information can be derived from file headers or file names etc.
A further problem also exists with email transmission in that it is usual practice for a limit to be placed on the size of the files that may be transmitted. These limits are continually increasing but at the same time data files are also increasing in size. Consequently, there is a risk that an urgent and important file required outside the organisation may be held up due to file size restrictions.
A further problem exists when file encryption is used for files sent as email attachments. In some circumstances, sensitivities may exist in terms of data being encrypted or compressed given that there is a risk that the data itself may in some way corrupted. In many situations such corruption is obvious but in some more critical situations such as, for example, the transmission of medical related data, the risk of such corruptions cannot be tolerated given that the modified data could be perceived as valid when not actually accurate. Thus, general encryption techniques are not encouraged within such environments.
It is therefore appreciated that an improved system is required for the transfer of data to a recipient outside an organisation in a secure and certain way so as to satisfy the requirements of information governance. However, it is also appreciated that such systems must be easy to use and particularly easy to use on the part of a recipient. Any complications may result in the recipient refusing to receive the data and ultimately this may then lead to previously adopted techniques being used, such as the data being dispatched by courier.